Hackers have managed to hijack hundreds of high-profile websites over the years, to make them promote online stores selling pirated software at about 5-10% of retail costs. They use a scheme that involves cloaking (making spammy links visible only to search engine crawlers) and conditional redirects (checking to see where visitors came from, and if from clicking on links on compromised sites, got redirected to their online stores)
Despite warnings, most of those sites still remain hacked, helping to sell pirated software and steal credit card numbers. This negligence of site/server admins encouraged criminals to increase reputation abuse and resource utilization of compromised servers.
A post at blog.unmask.parasites details the ‘whens and hows’ of this compromise method. Definitely a technical read, especially if you follow the links to previous reports, and certainly worth the read if interested in understanding how to protect your own online commerce site.
Doorway pages on compromised legitimate sites remain a popular tool for criminals to drive traffic to their shady resources. They work quite well since there are many webmasters who don’t look after their sites or can’t detect this sort of attack. If you don’t want to help hackers make money abusing your site resources, you should know how to detect doorway pages and spammy links on your site. Visit the unmask parasites blog for recommendations and tools.